Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Advisory + +Thu Mar 16 14:26:35 EST 2006+ + Integer Overflow in Microsoft Word

From: Jason Mayer <slamboy () gmail com>
Date: Thu, 16 Mar 2006 19:26:40 +0000 (GMT)



Advisory + +Thu Mar 16 14:26:35 EST 2006+ + Integer Overflow in Microsoft Word




+++++++++++++++++++++++++++++++
[+] Background
+++++++++++++++++++++++++++++++
There was no identified background commentary regarding this problem in question.
+++++++++++++++++++++++++++++++
[+] Description
+++++++++++++++++++++++++++++++
Microsoft Word incorrectly parses integer data, and this can be used to execute arbitrary code.

+++++++++++++++++++++++++++++++
[+] Vendor Response
+++++++++++++++++++++++++++++++
Microsoft Word is offered no explanation about this problem indentified.
+++++++++++++++++++++++++++++++
[+] CVE Information
+++++++++++++++++++++++++++++++
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-147587 to this issue

+++++++++++++++++++++++++++++++
Appendix A Vendor Information
+++++++++++++++++++++++++++++++
http://www.microsoft.com

+++++++++++++++++++++++++++++++
Appendix B References
+++++++++++++++++++++++++++++++
RFC 3367

+++++++++++++++++++++++++++++++
Contact
+++++++++++++++++++++++++++++++
Jason Mayer slamboy () gmail com

GSAE CEH SSP-CNSA SSP-MPA CAP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: